
Important cybersecurity warning for small businesses

  • 11 hours ago

The UK’s National Cyber Security Centre (NCSC) has issued new warnings about a Russian state‑linked hacking group known as APT28. This group has been breaking into everyday internet routers, often the same type used in small offices and home workplaces, to steal passwords and other private information. They do this by quietly changing how the router directs internet traffic, sending people to fake websites that look real. From there, attackers can capture login details for email and other online services.


Attackers cast a wide net, trying to break into as many vulnerable routers as possible. Once inside, they focus on targets that seem valuable, meaning any small business could be caught in the middle without realising it.


Why this matters to small businesses


Small firms often rely on simple, off‑the‑shelf routers. If these devices are left with old software or default passwords, they become easy targets. Once a router is taken over:


  • Every device connected to it (laptops, mobiles, tablets) can be quietly redirected to fake websites.

  • Staff may enter real passwords into convincing copies of common services like Outlook.

  • Hackers may gain ongoing access to emails, accounts, and other sensitive business information.


It’s a silent threat: everything may appear normal while your data is being stolen in the background.


What actionable steps can be taken?


There are several key steps that directly help defend against this type of attack:


  1. Use strong passwords and two‑step verification

    If attackers do get into your router, stolen passwords are less useful when accounts also require a second step, like an app code, to log in.

  2. Keep your devices updated

    Many of the hacked routers were vulnerable because they were running old software with known security gaps. Keeping routers up to date closes these holes.

  3. Secure your internet router (this may mean checking with your MSP or building management if someone else maintains the routers)

    The NCSC stresses how important it is to protect router settings, change default passwords, and turn off remote access if you don’t need it. This makes it much harder for criminals to break in.

  4. Be alert to fake websites

    Because attackers redirect your traffic, you may see login pages that look real but aren’t. Training staff to be cautious helps reduce the risk of entering sensitive details in the wrong place.

  5. Keep an eye on your systems

    Regularly checking router settings and watching for unusual behaviour, such as slow internet or login issues, can reveal problems early.


If you haven’t taken up our Security Awareness Training yet, it provides useful advice and guidance on the points above. Otherwise, please reach out to your CRC team, who can offer you a 1-2-1 consultation.




The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of the South East Cyber Resilience Centre is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect the most recent legislation, practice, or application to your circumstances. For specific questions please contact us at enquiries@secrc.police.uk.  The South East Cyber Resilience Centre does not accept any responsibility for any loss that may arise from reliance on information or materials published on this website.  It is not responsible for the content of external internet sites that link to this site or which are linked from it.

© 2022 - 2025 The South East Cyber Resilience Centre
